From the above log we isolated the issue is due to wired & wireless nics on the client connected to the same network are displayed in the user-table . we are sure will by valid user-ACL we will come out of the situation because wired NIC subnet is not part WLAN.

But we do see the valid IP addresses for the same client on the User-table. So my Doubt was an client roam from controller-1 to other controller-2 , if client is moving from controller on vlan 1 (example) and goes controller-2 on vlan 2 (vlan pooling is even assignment) he is carrying the IP address on of VLAN-1 and displayed in the user-table of controller-2 ,again he acquires vlan-2 IP address from dhcp server (external) is also displayed in the user-table. Not all the clients are seeing the issue.

So we are trying implement Valid user ACL , Enforce DHCP and ARP spoofing to come out of the issue? Please let me know if my approach is correct. Else advice me a better solution.

Re: Issue with multiple IP for users after enabling vlan pooling

‎04-05-201409:20 PM

To be clear, what you are seeing is a side effect where if two interfaces are connected at the same time (wired and wireless)... Traffic from one interface leaks through the wireless network and appears in the user table as the other interface with the same mac address. The same thing happens with mobile phones that connect to wifi: Their mobile ip address also appears in the user table. Enforce-DHCP resolves this, because it will only put a device in the user table that it has observed negotiated DHCP through the controller.